<%
  String strReferer = ((HttpServletRequest)pageContext.getRequest()).getHeader("Referer");
  
  if ((strReferer==null) || !strReferer.startsWith("http"))
  {
    out.println("Access Denied!");
    return;
  }
	
%>

<%  
  java.util.HashSet privilegeSet = null;
  if(session.getAttribute("privileges").getClass().getName().equals("java.util.HashSet"))
	  privilegeSet = (java.util.HashSet)session.getAttribute("privileges");
	boolean bHasPrivilege = false;
	if(privilegeSet != null)
	{
    java.util.StringTokenizer st = new java.util.StringTokenizer(privilegeCode,",");
    while(st.hasMoreTokens())
      if(privilegeSet.contains(st.nextToken()))   
      {
        bHasPrivilege = true;
        break;
      }  
  }
  if(!bHasPrivilege)
  { 
    java.util.Vector errs = new java.util.Vector();
		java.util.HashMap errMessage = new java.util.HashMap();
		errMessage.put("messagecode", "USER_NO_PRIVILEGE_IN_THE_PAGE"); 
		errs.addElement(errMessage);
		session.setAttribute("errorcode", errs);    	
		response.sendRedirect(ConstantProp.DEFAULT_ROOT_PATH + "/Error.jsp?" + OvalTools.randomURL() + "");
		return;
	}  
%>
<%@include file="ForbiddenKey.inc"%>
